A new crypto alert shakes the hardware wallet user community. Trezor, one of the industry leaders, was the victim of a phishing attack through its own customer support. All the details in the paragraphs below!

In summary

  • Hackers exploited Trezor's contact form to send credible phishing emails.

  • No technical failure, but high risk of crypto scam through targeted social engineering.

A sophisticated crypto attack targets Trezor

Monday morning, Trezor published an official notice to its community. Hackers managed to divert the official website's contact form to make it appear that the responses were legitimate from customer support. These fake emails looked authentic and encouraged victims to share their wallet backup.

The company clarifies that there were no email leaks and that the system was not actually hacked. In reality, hackers sent messages to support posing as already known users through previous leaks (from Mailchimp or others). This triggered an 'official' automatic response. A simple, yet efficient mechanism!

The company claims to have secured the involved channel. It is actively seeking solutions to prevent future diversions.

Social engineering, a new weapon in crypto scams

This case is reminiscent of previous incidents in the crypto world, especially at Ledger. The company suffered a massive leak in 2020. Waves of phishing occurred, targeting thousands of investors through emails and fake support. More recently, MetaMask and Trust Wallet users have also been victims of similar attempts.

The real threat here is not a technical failure, but psychological manipulation. Exploiting users' trust in customer support, fraudsters play with panic and urgency. Once the backup is provided, access to crypto funds is complete.

The lesson? Even without IT breaches, scammers adapt their methods. Education, vigilance, and offline data protection remain the best defenses in the crypto universe.

This attack without a direct hack shows that social engineering has become one of the most powerful weapons against crypto investors. Vigilance, therefore, remains necessary, even when everything seems safe.